Bring robust cybersecurity policy

Bring robust cybersecurity policy

It’s also time to establish cyber defence organisations that lead the country into a secure and resilient digital future

People are increasingly shopping, banking and entertaining online, which requires them to share their personal information – phone numbers, addresses, credit card details, and so forth. This makes both people and businesses vulnerable to cyberattacks. In times to come, managing privacy and securing data will be the new normal while paying electricity bills, taxes, etc.

Given this, it’s time for the government to build a holistic cybersecurity policy and establish cyber defence organisations to ensure and lead the country to a safe, secure, and resilient digital future. Here’s what the government should focus upon to place India in the highest echelons of cyber leaderships, globally:

Focus Areas
• The first step towards building a holistic cybersecurity strategy is to amend the IT Act, 2000, commonly known as the Cyber Law, as some of its provisions have become redundant and cannot address the issues arising from the evolving threats.

• The government, to protect critical information like personal data, business information and financial information must look to enact data protection laws on the lines of European Union’s General Data Protection Regulation.

• Cyber threats have put governments, citizens and businesses at risk. Our cybersecurity must be robust to intercept and block any such cyberattack attempts. The government must make the Cyber Defence Agency, which is entrusted with the responsibility of securing the cyberspace, functional.

• Computer Emergency Response Team (CERT) handles cybersecurity incidents and provides guidelines based on research to improve cybersecurity systems. CERT also conducts public awareness campaigns. The Central government must replicate CERT at the State-level to ensure speedier incident response.

• The country needs an elite cyber commando force that can neutralise any cyber enemy. Therefore, the government must look to establish a National Defence Academy that provides rigorous training to cyber cadets.

• Cyber cells in the police forces are limited in terms of capabilities. The government must lay emphasis on empowering these cyber cells by deploying specialised cyber police cadres in all State police departments.

• The government must consider investing in building a business ecosystem that can leverage artificial intelligence and robotics to improve operations and enhance productivity.

• It must ensure that the cyber defence infrastructure is built only on qualified and trusted telecom and security equipment. The government must establish testing labs in India that will certify the equipment after rigorous tests.

cybersecurity policy

Major Initiatives
Understanding the need of emerging cybersecurity, the government of India has worked on the National Policy on Electronics (NPE), 2019. This is just one of the first steps that government, organisations and regulatory bodies have taken in recent times to strengthen the ecosystem. To optimise the cybersecurity business opportunities and build a strong cyber-safe nation, we have witnessed multiple initiatives by the government, including data protection regulations like the General Data Protection Regulation, California Consumer Privacy Act, etc, which was the demand of the business for long.

The government has reserved 10% of the IT budget for cybersecurity, and various State governments — Andhra Pradesh, Telangana and Haryana — have also announced a policy of reserving budget for cybersecurity. It has announced the development of Cyber Security Framework for Smart Cities under the guidance of National Cyber Security Coordinator in association with the industry. There’s also a sharp focus on cybersecurity by regulators. Some of the key initiatives by regulatory bodies include cyber security framework in banks by the RBI, guidelines for information and cybersecurity for insurers by IRDAI, cybersecurity & cyber resilience framework for registrars to issue/share transfer agent by Sebi.

Cybersecurity for business, government and individual is a must but one that concerns all is the cybersecurity of defence. It is a known fact that legacy systems simply do not have the capabilities to keep up with the evolving security threats and relying solely on human oversight will not serve the purpose. The need of the hour is capable automated systems that can monitor, detect, manage and prevent cyber-attacks in real-time. Understanding the growing concern, the MHA has developed National Information Security Policy & Guidelines (NISPG), which sets up requirements for the protection of information generated in government departments and bodies.

Lucrative market
A report by Nasscom, Data Security Council of India & PwC also suggests that the Indian cybersecurity market is forecast to grow at a CAGR of over 19% during 2018-23. Growth in the market is expected to be driven by multiple forces, including rising number of government initiatives towards digitising; increasing awareness of business and individuals towards cybersecurity; rapid adaptation of security initiatives in healthcare, BFSI, education and other vital sectors; rapid adoption of social, mobile, analytics, cloud and IoT technologies by business, government, and individuals.

The projection of the exponential growth is based on basic facts that the Indian market comes with certain competitive advantages, which makes it a preferred destination for global Security Operations Centres (SoCs); mature security practice of Indian IT services companies; security services operations by MNCs; preferred destination for security R&D; existing GIC (Global In-house Centre) security operation centres; competitive IT product ecosystem, existing network of 100-plus security companies, availability of skillsets – over 1,50,000 experienced security professionals; and trust factor that IT industry brings to the global IT players.

As of now, India’s cybersecurity landscape is passing through a transformational phase and it is too early to say that the joint efforts of the government, regulators and industry are showing results, but the Indian cybersecurity industry is doing good and projected to do better.

Also Published at

Add a Comment

Your email address will not be published. Required fields are marked *